CISA, FBI, USCYBEROM Issue Warning on ‘Kimsuky’ North Korean-Backed Hacking Group

CISA, FBI, USCYBEROM Issue Warning on ‘Kimsuky’ North Korean-Backed Hacking Group
Cybercrime

The FBI, Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Cyber Command Cyber National Mission Force (CNMF) have issued a joint advisory to warn the public of a North Korean-linked hacking group called Kimsuky.

The advanced persistent threat (APT) group uses social engineering and spearphishing tactics to infiltrate U.S. systems, according to the notice dated Tuesday.

CISA, FBI and CNMF utilized data from intelligence reporting and open-source databases to consolidate Kimsuky's tactics, techniques and procedures (TTP).

Kimsuky has also used stolen web hosting credentials to disseminate threats and created subdomains to mimic websites such as Google and Yahoo.

According to the advisory, Kimsuky conducts intelligence collection operations against organizations and individuals in the U.S., Japan and South Korea. The APT group was most likely launched in 2012, the notice states.

You may also be interested in...

Leidos Algorithm for TSA Prohibited Item Detection Moves to Certification Phase

A new Automatic Prohibited Item Detection (APID) machine learning-based algorithm for identifying non-explosive weapons and other …